[cabfpub] .onion proposal

Jeremy Rowley jeremy.rowley at digicert.com
Wed Nov 12 23:44:45 UTC 2014

If something comes up that is equally as important, I think we should address the problem in the BRs and consider how to deal with it.  Afterall, we make changes to the guidelines on a regular basis for other reasons.  Dealing with real-world limitations caused by the guidelines is a very good reason for making a change.

I doubt delegation of .onion by IANA would make anyone happy, especially not Tor and its users. Delegation doesn't really fit in their plan since the names are created from a key rather than registered with a registry. Although technical solutions may eventually be in place, the CAB Forum can act more quickly than that to show support for Tor and entities using .onion addresses.

From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Eddy Nigg
Sent: Wednesday, November 12, 2014 4:24 PM
To: public at cabforum.org
Subject: Re: [cabfpub] .onion proposal

On 11/12/2014 10:51 PM, Jeremy Rowley wrote:
I'd like to continue the .onion discussion that I started here about a month ago. Primarily, I'd like to see how we can create a very limited exception to the general prohibition on internal name certificates that will take effect in 2015 for the purpose of permitting the CA community to  show support for both Tor and entities operating .onion names.

Personally I'm very much against any exception after we finally could establish a common parameter on what goes and what doesn't go into a certificate. Today it's TOR and tomorrow there will be something else - and each is at least as important as the other.

Why don't register the interested parties a onion TLD with IANA? Or TOR could adapt a different naming convention instead? The solution will be probably technical and not in form of an exception.


Eddy Nigg, COO/CTO

StartCom Ltd.<http://www.startcom.org>


startcom at startcom.org<xmpp:startcom at startcom.org>


Join the Revolution!<http://blog.startcom.org>


Follow Me<http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20141112/67a2ff33/attachment-0003.html>

More information about the Public mailing list